MySQL Forums
Forum List  »  Security

Re: Grant permissions
Posted by: Georgi Kodinov
Date: April 08, 2020 09:27AM

Theoretically speaking the best practice is to give everybody the minimal amount of access so they can do their jobs.
Thus what Peter says here is 100% correct.

But, to quote Yogi Berra: in theory there's no difference between theory and practice. And in practice there is.

IMHO in practice it depends on what you are required to do. And then on the cost/benefit analysis.
If you need to pass some audit (PCI, HPAA, GDPR, you name it) then you will basically need to see what the requirements are in these and implement them.
Ditto your customer/organization's standards.

And finally, if there's nobody requesting that you do something in a certain way you need to decide for yourself if you can afford the consequences.
It's the same as putting up a lock on your house door. Do you go for the extra fancy one that takes fingerprints and has 4 way lock and reinforced steel rods ? Is it worth to put that on your garden tool shed ? If you can afford it all the power to you. But if the cost of protection is higher than the materials you're protecting or the effort you expect somebody to go into to get them then it's also pointless.

So basically this is a question you need to answer for your own data IMHO. As you know best their value and the possible threats to them.

Georgi "Joro" Kodinov
MySQL SrvGen team lead
Plovdiv, Bulgaria

Options: ReplyQuote


Subject
Views
Written By
Posted
281
March 16, 2020 02:47PM
145
March 16, 2020 03:06PM
Re: Grant permissions
129
April 08, 2020 09:27AM
131
April 08, 2020 12:02PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.